Flashcards in Information Systems and Comm. (Ch 4) Deck (102):
Which IT personnel roles should always be segregated?
What are the duties of a systems analyst?
Designs or purchases IT system
Responsible for flowcharts
Liaison between Users and Programmers
Note: Think IT Manager
What is the primary duty of a Systems Administrator?
A Systems Administrator controls database access.
What are the duties of a Systems Programmer?
Writes- Updates- Maintains- & Tests software- systems- and compilers
Which duties should a Systems Programmer NOT have?
In order to maximize internal control- a Systems Programmer should NOT have application programming duties/abilities or be an Operator on the system.
What are the duties of a Systems Operator?
Schedules and Monitors Jobs
Runs IT Help Desk
What duties should a System Operator NOT have?
For internal control purposes- they should not be a Programmer on the system.
If it is not possible to segregate duties in an IT System- what actions should be taken to compensate for internal control purposes?
Include Computer Logs.
Control Group should review the logs.
What is the purpose of a Management Information System (MIS)?
To assist with decision making.
What is an Accounting Information System (AIS)?
A type of Management Information System (MIS) that processes accounting transactions.
What are the characteristics of an Executive Information System (EIS)?
Specialized for Company Executive needs
Assists with Strategy Only
No Decision-Making Capabilities
What are the characteristics of an Expert System (ES)?
Computer uses reasoning
No human interpretation needed
What are the characteristics of a Decision Support System (DSS)?
Computer provides data
Gives Interactive Support
Human interpretation needed
What are the characteristics of an Ad Hoc computer report?
User initiates the report.
The report is created upon demand.
When are Exception reports generated?
Exception reports are produced when Edit Tests- Check Digits- or Self-Checking Digits identify a problem
What is a query?
A type of Ad Hoc report- initiated by a user.
What is End-User Computing?
The User develops and executes their own application.
What is the primary benefit of E-commerce?
E-commerce makes business transactions easier.
What are the risks of E-commerce?
Compromised data or theft.
Less paper trail for auditors.
What are the benefits of Electronic Data Interchange?
Uses globally-accepted standards
What is a File Server?
A file server stores shared programs and documents.
What is the purpose of a Database?
Located on a File Server- a Database allows users to share documents.
What is the purpose of a LAN (Local Area Network)?
It connects computers in close proximity.
What is the purpose of a WAN (Wide Area Network)?
It connects computers that are far apart.
What are the characteristics of a VAN (Value-Added Network)?
Serves as 3rd Party Between 2 Companies
Routes EDI Transactions
Accepts wide range of Protocols
What is the purpose of a Firewall?
Prevents unauthorized access to a network.
What are the characteristics of a virus?
Takes over a computer
Needs a host program to run
What are the characteristics of a computer worm?
Takes over multiple computers
Doesn't need a host program to run
What is the purpose of Automated Equipment Controls?
They prevent and detect hardware errors.
What is RAM?
Random Access Memory.
Internal memory in the computer used during immediate processing.
What is a CPU?
Computer Processing Unit
It processes commands within a computer.
What is Job Control Language?
It schedules and allocates system resources.
What are examples of input devices?
Magnetic Ink Reader
Magnetic Tape Reader
Point of Sale Scanner
What are examples of Output Devices?
What are the characteristics of Magnetic Tape storage?
Sequential Access - Sorts data in order
Slower data retrieval
Header Label prevents Operator error by loading wrong tape
External Labels prevent accidental destruction by operator
What are the characteristics of Magnetic Disks?
Random Access - Finds data in random spots
Faster data retrieval
Uses Boundary Protection for data
What is a Gateway?
Connects one network to another
Note: the Internet is connected by Gateways
What are Parity Checks?
A control that detects internal data errors.
A bit is added to each character- it checks to see if a bit was lost.
What is an Echo Check?
Transmitted data is returned to the sender for verification (it echoes back to the sender)
What is a Change Control?
It authorizes program changes and approves program test results.
What is security software?
Software that controls access to IT systems.
Note: Don't confuse this with anti-virus software
What is the purpose of a Digital Signature?
It confirms a message has not been altered.
List the types of computers from smallest to largest
Microcomputer - PC- Laptop (cost-effective)
Minicomputer - Like a Mainframe- but smaller
Mainframe - Large computer with terminals attached
Supercomputer - Very powerful and very big
What are the units of computer data from smallest to largest?
Bit - 1 (on) and 0 (off)
Byte - 8 bits to a byte/character
Field - group of related characters/bytes (i.e. Name- Zip Code- Serial #)
Record - Group of related fields (i.e. Member name- address- phone number)
File - Group of related records (i.e. Membership directory)
What is the duty of a design engineer?
Determine language used for a specific computer- on a computer-to-computer basis
What are object programs?
Programs written in base computer language- not similar to English.
How can source programs be recognized?
They are written in a language close to English.
What is the purpose of a Compiler?
Takes Source language (English) and converts to Object (Computer) Language
How does Online Analytical Processing work?
It uses a Data Warehouse to support management decision making.
What is Data Mining?
Using artificial intelligence and pattern recognition to analyze data stores within a Data Warehouse.
What is the purpose of online transaction processing?
To process a company's routine transactions.
What are the characteristics of batch processing?
Data held- updates multiple files all at once
Leaves a better audit trail
Uses Grandfather-Father-Son backup (3 levels of backup kept in 3 locations)
What does an output control check for?
Checks to see if output data is valid- distributed and used in an authorized manner.
What does a processing control check?
Checks if data processing produced proper output
What is a hash total?
An input control number- a meaningless sum of values included in the input.
Example would be summing a list of SSNs to make sure the data is the same once entered as it was prior to input into the system.
What is a validity check?
Checks to see if data in existing tables or files belongs in the set
For example- is there a # in an alpha-only field or a letter in a numeric-only field
What is a limit check?
Checks to see if numbers surpass a certain limit- i.e. in an age field is the number greater than 110.
What is a check digit?
An input control that adds an identification number to a set of
digits - usually at the end
What is a field check?
An input check that prevents invalid characters- i.e. checks for alphabetic letters in a SSN field
What is a Hot Site?
A disaster recovery system where if the main system goes down- a Hot Site is ready to take over immediately.
What is a Cold Site?
If a main system goes down- a Cold Site will take time to get set up and running.
What is the most common database language?
SQL - Standard Query Language
What is a Data Definition Language?
Defines SQL Database
Controls SQL Tables
What is a Data Manipulation Language?
Queries SQL Database tables
What is a Data Control Language?
Controls Access to SQL Database
What are the characteristics of a Relational Database?
Uses rows and columns similar to spreadsheet
What are the characteristics of a Hierarchical Database?
Has various levels
Uses trees to store data
What are the advantages of a database?
Data is more accessible
What are the disadvantages of a database?
Cost of installation
Skilled personnel required to maintain
What are the components of a database?
Think: Your desktop computer runs applications and saves to a database
Functions Performed on Data
Collect, Process, Store, Transform, Distribute
Provides managers, auditors, and information technology users with set of measures, indicators, processes and bet practices to maximize the benefits of IT.
COBIT information criteria
Integrity, Confidentiality, Efficiency, Reliability, Availability, Compliance and Effectiveness (ICE RACE)
Application Programmer/Software Developer
Write/Maintain application program
#Install/Support//Monitor/Maintain the operating system
#Perform Capacity Planning Functions
Schedule/Run Processing jobs
Manage the Functions of IT department
Store and Protects Programs Unauthorized uses
Responsible for the initial passwords and maintain those passwords
Backup Computer to duplicate all the processes and transactions on the primary computer
Public Key Infrastructure (PKI)
Systems or Processes used to issue and manage asymmetric keys and digital certificates
Determining the correspondence between data elements in the organization's terminology and data elements in standard EDI terminology
Supply Chain Management
Planning, Sourcing, Making, and Deliver
Open,royalty free, internet based information standard for business reporting of all kinds
Input documents/transactions are collected and grouped by transactions and processed periodically
Online Real Time Processing
Timeliness of Information
Embeds intelligence into the identification numbers associated with particular item
Decision Support Systems
IS steering Committee
Plans and Oversees the information systems functions
Decryption of Decipherment
Cipher text into Plain Text
Program Level Policy
Information Security and assigns responsibility for the achievement of Security Objective
Establishes overall approach to computer security, adds detail by describing the elements and organization of the programs
Simplest type of Firewall Configuration
Detection of Fraud
Reviewing systems-access log
Protective device that keeps internet users from accessing intranet data
Ensure organization's control environment is stable and well managed
Prevents, Detects, and Corrects transactions errors
Full Backup (Longest)
Exact Copy of entire database
Incremental Backup (Shortest)
Only data that have been changed since last back up